• Design and implement a next-generation Risk Assessment and Mitigation Plan (RAMP) framework using AI, machine learning, behavioral patterns, and data analytics to proactively identify emerging compliance risks • Collect and analyze data to identify emerging global risks, control gaps, fraud, or non-compliance, and deliver clear reports and dashboards to inform strategic risk decisions • Developing, implementing, and enhancing a dynamic monitoring framework • Ensure timely, high-quality monitoring reports with executive summaries, root cause analysis, and clear recommendations • Maximize collaboration with external partners to oversee the execution of monitoring activities • Drive strategy and plan for live monitoring activities • Implement robust processes to ensure the quality, integrity, and traceability of data used in risk assessments • Serve as the primary compliance contact for Internal Audit • Oversee third-party risk management activities • Support gap assessment efforts

Role Description At UniSystems, we are working towards turning digital visions into reality. We are continuously growing and we are looking for a Data Protection Compliance Expert to join our UniQue team. What will you be doing in this role: - Ensure compliance of IT operations with data privacy and data protection standards, laws and regulations. - Assist in designing, implementing, auditing and compliance testing activities in order to ensure data and privacy compliance. - Advise on data protection matters, in particular in the context of personal data processing. - Conduct privacy impact assessments. - Write and/or review records of processing activity on personal data for data controllers and privacy statements. - Develop, maintain, communicate and train upon the data privacy policies and procedures. - Provide legal advice and guidance on data privacy and data protection standards, laws and regulations. - Enforce and advocate organization’s data privacy and protection program. - Ensure that data owners, holders, controllers, processors, subjects, internal or external partners and entities are informed about their data protection rights, obligations and responsibilities. - Monitor audits and data protection related training activities. - Develop and propose staff awareness training to achieve compliance and foster a culture of data protection within the organization. Qualifications - A Master's degree in a relevant field and at least 5 years of IT relevant professional experience and 4 years in a similar position. - At least 5 years of personal data protection compliance experience in an ICT, EU institutional, public-sector or similarly technology-heavy environment, including hands-on work with real systems, services or processing activities. - At least 3 years of hands-on experience preparing, updating or reviewing RoPAs, DPIAs, DPA, TIA or related personal data protection documentation for real systems or processing activities, including data mapping and obtaining or validating input from system owners, technical owners, architects, operations, cybersecurity/SOC teams or vendors. - At least 2 years of experience analysing and documenting technical arrangements relevant to personal data protection, including access rights, privileged access, logs or SIEM/log exports, retention, hosting, data flows, support access, transfers, processors or subprocessors. - Excellent knowledge and understanding of the EU data protection legislation and regulations. - Excellent knowledge of data protection standards, policies, methodologies and frameworks. - Excellent knowledge and understanding of legal, regulatory and legislative compliance requirements, recommendations and best practices. - Excellent knowledge and understanding of IT Operations and IT Services delivery. - Practical experience with privacy impact assessment standards, methodologies and frameworks. - Practical experience writing and reviewing records of processing activity on personal data for data controllers and privacy statements. - Required certificates, at least 3 of the among: CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), GSNA (GIAC Certified Systems and Network Auditor), GCCC (GIAC Certified Critical Controls), ISO 27001 Lead implementer, ISO 27001 Lead Auditor, ISO 27005 Risk Manager, CAP ((ISC)2 Certified Authorization Professional), CRISC (ISACA Certified in Risk and Information Systems Control), CISSP-ISSMP ((ISC)2 Certified Information Systems Security Management Professional), GIAC Certified ISO-27000 Specialist or equivalent certification recognized internationally. - Excellent command of spoken and written English (C1). Company Description At Uni Systems, we are providing equal employment opportunities and banning any form of discrimination on grounds of gender, religion, race, color, nationality, disability, social class, political beliefs, age, marital status, sexual orientation or any other characteristics. Take a look at our Diversity, Equality & Inclusion Policy for more information.

• Ensure compliance of IT operations with data privacy and data protection standards, laws and regulations. • Assist in designing, implementing, auditing and compliance testing activities in order to Ensure data and privacy compliance. • Advise on data protection matters, in particular in the context of personal data processing. • Conduct privacy impact assessments. • Write and/or review records of processing activity on personal data for data controllers and privacy statements. • Develop, maintain, communicate and train upon the data privacy policies and procedures. • Provide legal advice and guidance on data privacy and data protection standards, laws and regulations. • Enforce and advocate organization’s data privacy and protection program. • Ensure that data owners, holders, controllers, processors, subjects, internal or external partners and entities are informed about their data protection rights, obligations and responsibilities. • Monitor audits and data protection related training activities. • Develop and propose staff awareness training to achieve compliance and foster a culture of data protection within the organization.

• Manage benefit plans in compliance with ACA guidelines, including managing open enrollment process and communications, analyzing, and making suggestions • Counsel and assist PETA Foundation and supported organizations’ staff members regarding benefit choices and claims • Develop and deliver state-required trainings to supervisors and employees • Work with supervisors and Managing General Counsel, Corporate Legal Affairs to respond to unemployment claims • Manage federal and state leave plans and accommodation requests • Work with departments and Deputy General Counsel, Corporate Legal Affairs, on workers compensation claims • Manage Benefits and Compliance Assistant • Assist with advising employees and management on dispute resolution, performance issues, and the interpretation of correct application of policies and procedures with diplomacy and tact to secure a resolution • Review state and federal reports • Assist in maintaining and updating policies and documents • Serve as backup for all Senior Director of Compliance’s tasks, including conducting and processing terminations • Conduct research on various compliance-related topics • Maintain strict confidentiality at all times • Perform any other duties assigned by supervisor